Schedule a Consultation Today (614) 484-0918
Hero_Image

Posted April 25, 2018 by A-Jay Orr

Your Worst IT Nightmares: True Stories (Vol. 2)

Disclaimer: The events depicted in this article are true and accurate. Brace yourselves…
 

Welcome to volume two of Your Worst IT Nightmares. If you missed volume one, check it out here. The stories I am about to share are real-life examples of what can happen when businesses trust the wrong people with their IT support. Learn from their unfortunate experiences and don’t allow history to repeat itself.

 

The “You Get What You Pay For” Predicament

This predicament involved a client who was too small to hire in-house IT support. This client did the right thing and partnered with an IT service provider, who did a spectacular job. Such a great job, in fact, that the IT vendor never had a reason to be onsite. Eventually, the client started taking this exemplary work for granted and stopped realizing the value of the IT support. When the contract was up, the client phased out the IT support for a less expensive vendor. How hard can it be to support an environment that already runs perfectly, right?

Wrong. From the get-go, the new IT vendor raised all sorts of red flags. The client complained of poor response times and not feeling like a priority to the new vendor, who’s limited skillset, and lack of resources was evident. Shockingly, the new IT guy didn’t make it through the transition stages of the new partnership before accidentally erasing all of the client’s backup files!

The Outcome
Like the title of this story suggests, the client learned a tough lesson — you get what you pay for. Everyone has a budget, and that’s OK. But don’t sacrifice your business continuity to pinch a few pennies. A reputable vCIO understands the needs and limits of your business and will outfit your operations with affordable, reliable, IT support. We spend adequate time onsite to make sure you never forget where our loyalty lies and — we won’t accidentally delete your backup files.


 

The Blindsided Business Owner

Not long ago, I met the owner of a multi-million dollar organization. The owner had been working with the same IT vendor for about 20 years, and the two became friends as a result of their professional relationship. Unfortunately, the IT vendor got a little “too” comfortable and wasn’t being held accountable. This situation was a ticking time bomb, and when the explosion finally erupted, I was called to the scene.

A massive network crash resulted in the company having to put their backup solution to the test. That’s where things went from bad to worse. The IT vendor had not been performing routine tests of the backups. They soon found out that, while the backup software said the backups were completed successfully, the data had actually been corrupted. The last successful backup with good data was completed 18 months prior! Without the proper policies and reports in place, the company had no way of knowing that the IT vendor was slacking off. This mistake ended up costing the company a year and a half of data.

The Outcome
Sadly, even the most skilled vCIO can’t bring back data that wasn’t properly backed up. However, I was able to assist in getting the network up and implementing a backup solution with reporting safeties in place to reassure the owner that data was routinely and successfully saved. Had this organization been working with a vCIO from the start, they could have maintained their friendship with the IT vendor, and used me as the “bad cop” liaison, if needed.


 

The Phone Call Gone Wrong

This final story is a cautionary tale for all business leaders — a new style of hacking is sweeping the globe, making accomplices out of innocent office workers. This time, the target was a receptionist who answered the phone and was asked to take a brief survey about the business. The caller was phishing for information about the receptionist but did so in a mild-mannered way that avoided raising any suspicion. The object of his search? Answers to her security questions. What was your first pet’s name? What was your first car? What was your first job? Through friendly and manipulative conversation, the caller was able to glean a few answers. But, why the receptionist?

It turned out, she had fallen for this hacker’s USB bait. The hacker loaded a virus onto a USB drive and left it in a common place. The receptionist found the drive, plugged it into her computer and inadvertently infected the entire network. The hacker was able to see where the device was and who was using it. They called the user to get security password answers, gain access to the user’s account, change the existing passwords, and infiltrate the network.

The Outcome
The attack was unsuccessful at infiltrating the entire network, but it was a chillingly close call. Despite the receptionist being an innocent victim, she is still partly to blame, as is the IT department (who never put policies and procedures in place to prevent such an attack) and the company’s leadership team (who neglected to invest in proper employee training). To be fair, phishing attacks like this are relatively new and becoming more common. They use psychological manipulation called “social engineering” to carry out their attacks, and many businesses (and employees) have been blindsided by it. A vCIO’s job is to keep a pulse on developing cybersecurity trends and make certain that your business is always up-to-code.


 

The moral of these stories…

Never get too comfortable with your cybersecurity strategy. This is an area of technology that is changing faster than businesses can keep up. What worked six months ago might not work today. Your best odds of navigating this hostile environment unscathed is by hiring a virtual CIO. vCIO’s are vendor agnostic and dedicated to keeping your company safe, but without the overhead cost of hiring a full-time executive.

For more information about how a vCIO will prevent attacks and mishaps like these from happening at your organization, click here.